This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Application Access denying local traffic on

Hi All,

I have been having performance issues across device-to-device and device to XG gateway communicating within the LAN. As part of troubleshooting I have all devices and Access Points (AP55) connected to an un-managed gig switch going into Port 1 (LAN).

The issue I see is the default FW rule (0) is blocking on Application Access. I have set my main firewall rule to 'allow all' for Application Control and have even tried creating a Lan-2-Lan rule with the same setting, but with no luck.

Has anyone had the same issue, as I dont see why the FW is blocking communication across the local network that is all going through port 1. I do have the XG configured with Bridge mode from default setup (Port 1, 3,4)

2020-04-20 11:38:25 0103021 IP 10.0.0.12.51042 > 10.0.0.1.8905 : proto UDP: packet len: 145 checksum : 13624
0x0000: 4500 00a5 32b6 0000 8011 f385 0a00 000c E...2...........
0x0010: 0a00 0001 c762 22c9 0091 3538 0000 0089 .....b"...58....
0x0020: 0101 bcb5 58de 025b 103a efd4 e168 6e41 ....X..[.:...hnA
0x0030: 4d50 0be8 2751 70bf 2f3e 2ac3 6eab 5933 MP..'Qp./>*.n.Y3
0x0040: 601e 9236 924c bf2c f3ec 975d d9a6 aa20 `..6.L.,...]....
Date=2020-04-20 Time=11:38:25 log_id=0103021 log_type=Firewall log_component=Local_ACLs log_subtype=Denied log_status=N/A log_priority=Alert duration=N/A in_dev=Port1 out_dev= inzone_id=1 outzone_id=4 source_mac=40:a3:cc:a8:a2:23 dest_mac=00:1a:8c:00:28:f0 l3_protocol=IP source_ip=10.0.0.12 dest_ip=10.0.0.1 l4_protocol=UDP source_port=51042 dest_port=8905 fw_rule_id=0 policytype=0 live_userid=0 userid=0 user_gp=0 ips_id=0 sslvpn_id=0 web_filter_id=0 hotspot_id=0 hotspotuser_id=0 hb_src=0 hb_dst=0 dnat_done=0 proxy_flags=0 icap_id=0 app_filter_id=0 app_category_id=0 app_id=0 category_id=0 bandwidth_id=0 up_classid=0 dn_classid=0 source_nat_id=0 cluster_node=0 inmark=0x0 nfqueue=0 scanflags=0 gateway_offset=0 max_session_bytes=0 drop_fix=0 ctflags=16 connid=2206515200 masterid=0 status=256 state=0 sent_pkts=N/A recv_pkts=N/A sent_bytes=N/A recv_bytes=N/A tran_src_ip=N/A tran_src_port=N/A tran_dst_ip=N/A tran_dst_port=N/A

This thread was automatically locked due to age.

Parents

0 rfcat_vk over 5 years ago

Hi,

you can ignore the port 0 traffic, that is connections that timed out, do not match any firewall rule. Some of them are broadcasts which will fail anyway.

Default firewall rule 0 is a block all rule so it is doing its job.

There shouldn't be any traffic across port 1 because your switch should be directing the traffic to the correct switch ports.

So. from what you are saying is your switch is not switching traffic within itself.

Why are you in bridge mode? Port 1 does not appear to be part of your bridge otherwise you would see traffic dropped on br0.

Ian
Cancel
Vote Up 0 Vote Down

Cancel
0 msaggers over 5 years ago in reply to rfcat_vk

Thanks Ian.

so the XG is just dropping large amounts of broadcast (UDP) traffic and this shouldn't be of a concern?

Cheers,

Matt
Cancel
Vote Up 0 Vote Down

Cancel
0 rfcat_vk over 5 years ago in reply to msaggers

Hi Matt,

Correct.

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 rfcat_vk over 5 years ago in reply to msaggers

Hi Matt,

Correct.

Ian
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data